[go: up one dir, main page]

Crisis Management: Definition, How It Works, Types, and Example

Crisis Management: Identifying threats to an organization or its stakeholders and responding effectively to those threats. Crisis Management: Identifying threats to an organization or its stakeholders and responding effectively to those threats.

Investopedia / Michela Buttignol

What Is Crisis Management?

Crisis management refers to the identification of a threat to an organization and its stakeholders in order to mount an effective response to it.

Due to the unpredictability of global events, many modern organizations attempt to identify potential crises before they occur in order to sketch out plans to deal with them. When and if a crisis occurs, the organization must be able to drastically change course in order to survive.

Key Takeaways

  • Even the best-managed businesses may be hit by a crisis caused by external or internal events.
  • Crisis management is the strategy of anticipating crises at the corporate level and planning how to deal with them effectively.
  • Crisis management begins with risk analysis, however, it should not be confused with risk management.

Understanding Crisis Management

Any business, large or small, may run into problems that negatively impact its normal operations. A crisis can take many forms: an office fire, the death of a CEO, a terrorist attack, a data breach, or a natural disaster; all of which can lead to tangible and intangible costs to a company in terms of lost sales, damage to its reputation, and a decrease in income.

Businesses that put a continuity plan in place in case of unforeseen contingencies can mitigate the effects of a negative event. The process of having a business continuity plan in place in the event of a crisis is known as crisis management.

The COVID-19 crisis that began in early 2020 can be expected to become a textbook example of crisis management. Businesses around the world were forced to shut their doors. Millions of employees were sent home. Essential services struggled to function. History will judge how effective the powers-that-be were in their crisis management skills.

How to Implement Crisis Management

Most firms start by conducting risk analysis on their operations. Risk analysis is the process of identifying adverse events that may occur and estimating their likelihood of occurring. By running simulations and random variables with risk models, such as scenario tables, a risk manager can assess the probability of a threat occurring in the future, the best- and worst-case outcome, and the damage the company would incur should this threat come to fruition.

For example, a risk manager may estimate that the probability of a flood occurring within a company's area of operation is very high. The worst-case scenario would be the destruction of the company’s computer systems, thereby, losing pertinent data on customers, suppliers, and ongoing projects.

Once the risk manager knows what they are dealing with in terms of possible risks and impacts, a plan is developed by the crisis management team to contain any emergency should it become a reality. For example, a company facing flood risk might create a backup system for all computer systems. This way, the company would still have a record of its data and work processes.

Although the business might slow down for a short period while the company purchases new computer equipment, operations would not be completely halted. By having a crisis resolution in place, a company and its stakeholders can prepare and adapt to unexpected and adverse developments.

Crisis Management vs. Risk Management

Crisis management is not necessarily the same thing as risk management. Risk management involves planning for events that might occur in the future, crisis management involves reacting to negative events during and after they have occurred.

An oil company, for example, may have a plan in place to deal with the possibility of an oil spill. If such a disaster actually occurs, the magnitude of the spill, the backlash of public opinion, and the cost of cleanup can vary greatly and may exceed expectations. The scale makes it a crisis.

Types of Crises

A crisis can either be self-inflicted or caused by external forces. Examples of external forces that could affect an organization’s operations include natural disasters, security breaches, or false rumors that hurt a business's reputation.

Self-inflicted crises are caused within the organization, such as when an employee smokes in an environment that contains hazardous chemicals, downloads questionable computer files, or offers poor customer service that goes viral online.

An internal crisis can be managed, mitigated, or avoided if a company enforces strict compliance guidelines and protocols regarding ethics, policies, rules, and regulations among employees.

Crisis Management Coverage

Crisis management coverage is designed to help a business limit the negative impact of events on its reputation. It is an insurance agreement usually made as part of a policy covering technology errors and omissions and Internet property and liability insurance policies.

Previously concerned with reputation management, crisis management coverage is increasingly used to cover expenses incurred to restore confidence in the security of the insured's computer systems in the event of a cybersecurity or data breach.

It also covers reputational threats such as product contamination or recall, terrorism, political violence, natural disasters, workplace violence, and adverse media exposure.

Large corporations are the most frequent buyers of crisis management coverage, but any business whose profitability is closely linked to its reputation is a potential customer.

What Are the Main Steps of Crisis Management?

The main steps of crisis management include:

  1. Detecting early warning signs and signals
  2. Preparation and prevention
  3. Containing damage
  4. Recovery from crisis
  5. Learning and adapting from the crisis

What Is the Golden Rule of Crisis Management?

The golden rule of crisis management is to be proactive. Rather than taking action when a crisis occurs, it is important to be proactive before a crisis occurs. This involves identifying the possible threats to your business and implementing plans on how the business will react if these problems come to fruition. This will help minimize the damage to your business. Waiting once the problem arrives could be disastrous.

What Is the Main Goal of Crisis Management?

The main goal of crisis management is to protect all stakeholders of the firm. This includes employees, customers, and any other parties involved with the business. This can take the form of emergency plan implementation and methods to reduce hazards and increase safety.

The Bottom Line

Crisis management involves identifying potential threats to a company and strategically managing them in order to minimize the damage to a business and its stakeholders.

Such threats can include data breaches and natural disasters. Having a crisis management plan in place allows a business to continue operating when a disaster happens, preserving the business's operations and reputation.